Chapter 6 Introduction to Digital Security

Presentation on theme: "Chapter 6 Introduction to Digital Security"— Presentation transcript:

1 Chapter 6 Introduction to Digital Security

2 Safety Vs Security
Safety is also related to security in that the lack of security may pose a safety risk (absence of IT security may lead to a system that is compromised, which in turn may no longer be safe).
SAFETY: To be safe requires measures to prevent accidents (which cause harm to humans or machines). Examples: redundant systems to guarantee availability, fire extinguishers.
SECURITY: Security requires measures to prevent fraud, crime and illegal activities. Examples: firewalling, security policy, use of encryption.
Security is a necessary but not sufficient prerequisite for achieving safety (a system without security is probably unsafe, but a system with security is not necessarily safe).

3 Risks Involved in Digital Security
COMPUTER SECURITY - generic name for the collection of tools designed to protect data and to thwart hackers.
NETWORK SECURITY - measures to protect data during their transmission.
INTERNET SECURITY - measures to protect data during their transmission over a collection of interconnected networks.
Risks involved in digital security: vulnerabilities, phishing, computer viruses, computer worms, sniffers, hacking.

4 Vulnerability: In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance. For a system to be vulnerable, an attacker must have at least one applicable tool or technique that can connect to a system weakness.
Phishing: the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
PHISHING TECHNIQUES: link manipulation, filter evasion, phone phishing.
Computer Virus: A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability.

5 Computer Worms: A computer worm differs from a computer virus in that a computer worm can run itself. A computer worm can spread without a host program, although some modern computer worms also use files to hide inside. It can damage your files and operating systems. It can spread rapidly on your system or to other computers on the network.
Sniffers: A sniffer is computer software or computer hardware that can intercept and log traffic passing over a digital network or part of a network. Hackers can sniff your packets with some software or hardware and steal your credit card numbers, passwords or e-mails.
Hacking: In common usage, a hacker is a stereotypical person who breaks into computers and computer networks, either for profit or motivated by the challenge.
HACKING TECHNIQUES: vulnerability scanner, password cracking, packet sniffer, spoofing attack, social engineering, Trojan horses, viruses.

6 Avoid Risks In Digital Security
We must use antivirus software.
We must use a firewall against hacker attacks.
We shouldn't open every file.
When we receive an e-mail we should be careful.
We shouldn't share our personal information on the internet.
We should be very careful in sharing files when we chat.

7 Firewall
A firewall controls access between networks. It generally consists of gateways and filters, which vary from one firewall to another. Firewalls act as the intermediate server between SMTP and HTTP connections. A firewall is a group of systems that enforces access control between networks. It also enforces the inflow and outflow of data. Some firewalls emphasize blocking data whereas others deal with permitting data. An important feature of a firewall is access control.
Types of Firewalls: packet filters, circuit-level gateways, application-level gateways.

8 What firewalls can protect?
Helps keep hackers from accessing the company network.
Helps block traffic from the outside to the inside.
Can protect against any network-borne attack.
If attacked, the firewall can be used as a tracing tool.
What firewalls cannot protect?
Can't protect against trojaned clients.
Can't protect from those inside the network.
Firewalls can't protect very well against viruses: there are too many ways of encoding binary files.
Can't protect against a data-driven attack, in which something is e-mailed and is opened.

9 Types of Security Protocols
The following diagram shows the various security protocols which work at the different layers of the OSI Model.

10 Cryptography
Cryptography (or cryptology) is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects of information security such as data confidentiality, data integrity, authentication, and non-repudiation. Modern cryptography intersects the disciplines of mathematics, computer science and electrical engineering. Applications of cryptography include ATM cards, computer passwords and electronic commerce.
Cryptographic Terms:
Cryptography - study of encryption principles/methods
Cryptanalysis (code breaking) - study of principles/methods of deciphering ciphertext without knowing the key
Cryptology - field of both cryptography and cryptanalysis
Plaintext - original message
Ciphertext - coded message
Cipher - algorithm for transforming plaintext to ciphertext
Key - information used in the cipher, known only to sender/receiver
Encipher (encrypt) - converting plaintext to ciphertext
Decipher (decrypt) - recovering plaintext from ciphertext

11 Symmetric Key Encryption (Private Key Cryptography)
Sender and receiver share a single common key.
All classical encryption algorithms are private-key.
It was the only type prior to the invention of public-key cryptography in the 1970s and is by far the most widely used.
If this key is disclosed, communications are compromised.
It is symmetric: the parties are equal, hence it does not protect the sender from the receiver forging a message and claiming that it was sent by the sender.
Asymmetric Key Encryption (Public Key Cryptography)
Probably the most significant advance in the 3000-year history of cryptography.
Uses two keys: a public and a private key.
Asymmetric since the parties are not equal.
Uses a clever application of number-theoretic concepts to function.
Complements rather than replaces private key cryptography.
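The forgery point on the symmetric-key slide, shown as an added example that is not part of the original slides. It assumes an HMAC-SHA256 tag from Python's standard library as the shared-key primitive; the party names and messages are constructed.

```python
import hashlib
import hmac
import secrets


def make_tag(key: bytes, message: bytes) -> bytes:
    """Authentication tag that any holder of `key` can compute."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Constant-time check that `tag` was made with `key` over `message`."""
    return hmac.compare_digest(make_tag(key, message), tag)


def possible_authors(message: bytes, tag: bytes, key_holders: dict) -> list:
    """Every party whose key validates the tag, i.e. everyone who could have made it."""
    return sorted(name for name, key in key_holders.items()
                  if verify(key, message, tag))


def demo() -> dict:
    shared = secrets.token_bytes(32)           # the single common key
    holders = {"sender": shared, "receiver": shared}
    outsider_key = secrets.token_bytes(32)     # someone without the shared key

    genuine = b"pay 10 to receiver"            # constructed sample message
    genuine_tag = make_tag(holders["sender"], genuine)

    # The receiver writes a different message and tags it with the same key.
    forged = b"pay 10000 to receiver"          # constructed sample message
    forged_tag = make_tag(holders["receiver"], forged)

    return {
        "genuine_ok": verify(shared, genuine, genuine_tag),
        "forged_ok": verify(shared, forged, forged_tag),
        # Reusing the genuine tag on altered text fails: integrity still holds.
        "tampered_ok": verify(shared, forged, genuine_tag),
        # Without the shared key no valid tag can be produced.
        "outsider_ok": verify(shared, forged, make_tag(outsider_key, forged)),
        # The tag cannot say which key holder wrote the message.
        "authors_of_forged": possible_authors(forged, forged_tag, holders),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The shared key keeps outsiders out and detects tampering, but a valid tag only proves that some key holder produced it, which is why symmetric schemes alone give no non-repudiation.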

